Posted on Dec 18, 2020
Hack Against US Is 'Grave' Threat, Cybersecurity Agency Says
Responses: 2
Maj William W. 'Bill' Price
Lt Col Charlie Brown Yes and No. Yes: all software supply chains are vulnerable, and this is a mess that needs to be cleaned up. No: the response appears to be complete and overwhelming. The compromised certificates used to sign the trojaned SolarWinds software have been revoked. Windows Defender (anti-malware built into every Windows server) was configured to recognize and quarantine the trojaned software (which may cause complete systems failure but will kill the malware). Lastly, the domains used by the malware for command and control were sinkholed (effectively taken out of service). These actions collectively removed control of the malware's infrastructure from the attackers. All while maintaining a significant amount of forensic evidence for us to sift through and eventually get to the bottom of what happened. I wouldn't rule out anyone at this point.
